stash
This commit is contained in:
parent
8d55b00027
commit
ea27165e25
13 changed files with 162 additions and 34 deletions
|
|
@ -1,9 +1,11 @@
|
|||
from datetime import datetime
|
||||
|
||||
from django.urls import path, re_path
|
||||
from django.contrib.auth.decorators import permission_required
|
||||
from rest_framework import routers, viewsets, serializers
|
||||
from rest_framework.decorators import api_view, permission_classes, authentication_classes
|
||||
from rest_framework.decorators import api_view, permission_classes
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.permissions import IsAuthenticated
|
||||
|
||||
from files.models import File
|
||||
from inventory.models import Event, Container, Item
|
||||
|
|
@ -37,7 +39,6 @@ class ContainerSerializer(serializers.ModelSerializer):
|
|||
class ContainerViewSet(viewsets.ModelViewSet):
|
||||
serializer_class = ContainerSerializer
|
||||
queryset = Container.objects.all()
|
||||
permission_classes = []
|
||||
|
||||
|
||||
class ItemSerializer(serializers.ModelSerializer):
|
||||
|
|
@ -95,6 +96,8 @@ class ItemSerializer(serializers.ModelSerializer):
|
|||
|
||||
|
||||
@api_view(['GET'])
|
||||
@permission_classes([IsAuthenticated])
|
||||
@permission_required('inventory.view_item', raise_exception=True)
|
||||
def search_items(request, event_slug, query):
|
||||
try:
|
||||
event = Event.objects.get(slug=event_slug)
|
||||
|
|
@ -109,12 +112,17 @@ def search_items(request, event_slug, query):
|
|||
|
||||
|
||||
@api_view(['GET', 'POST'])
|
||||
@permission_classes([IsAuthenticated])
|
||||
def item(request, event_slug):
|
||||
try:
|
||||
event = Event.objects.get(slug=event_slug)
|
||||
if request.method == 'GET':
|
||||
if not request.user.has_event_perm(event, 'inventory.view_item'):
|
||||
return Response(status=403)
|
||||
return Response(ItemSerializer(Item.objects.filter(event=event), many=True).data)
|
||||
elif request.method == 'POST':
|
||||
if not request.user.has_event_perm(event, 'inventory.add_item'):
|
||||
return Response(status=403)
|
||||
validated_data = ItemSerializer(data=request.data)
|
||||
if validated_data.is_valid():
|
||||
validated_data.save(event=event)
|
||||
|
|
@ -124,18 +132,25 @@ def item(request, event_slug):
|
|||
|
||||
|
||||
@api_view(['GET', 'PUT', 'DELETE'])
|
||||
@permission_classes([IsAuthenticated])
|
||||
def item_by_id(request, event_slug, id):
|
||||
try:
|
||||
event = Event.objects.get(slug=event_slug)
|
||||
item = Item.objects.get(event=event, uid=id)
|
||||
if request.method == 'GET':
|
||||
if not request.user.has_event_perm(event, 'inventory.view_item'):
|
||||
return Response(status=403)
|
||||
return Response(ItemSerializer(item).data)
|
||||
elif request.method == 'PUT':
|
||||
if not request.user.has_event_perm(event, 'inventory.change_item'):
|
||||
return Response(status=403)
|
||||
validated_data = ItemSerializer(item, data=request.data)
|
||||
if validated_data.is_valid():
|
||||
validated_data.save()
|
||||
return Response(validated_data.data)
|
||||
elif request.method == 'DELETE':
|
||||
if not request.user.has_event_perm(event, 'inventory.delete_item'):
|
||||
return Response(status=403)
|
||||
item.delete()
|
||||
return Response(status=204)
|
||||
except Item.DoesNotExist:
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
from django.test import TestCase, Client
|
||||
from django.contrib.auth.models import Permission
|
||||
from knox.models import AuthToken
|
||||
|
||||
from authentication.models import ExtendedUser
|
||||
|
|
@ -9,6 +10,7 @@ class ApiTest(TestCase):
|
|||
def setUp(self):
|
||||
super().setUp()
|
||||
self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test')
|
||||
self.user.user_permissions.add(*Permission.objects.all())
|
||||
self.user.save()
|
||||
self.token = AuthToken.objects.create(user=self.user)
|
||||
self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})
|
||||
|
|
|
|||
|
|
@ -1,19 +1,27 @@
|
|||
from django.test import TestCase, Client
|
||||
from inventory.models import Container
|
||||
from django.contrib.auth.models import Permission
|
||||
from knox.models import AuthToken
|
||||
|
||||
client = Client()
|
||||
from authentication.models import ExtendedUser
|
||||
from inventory.models import Container
|
||||
|
||||
|
||||
class ContainerTestCase(TestCase):
|
||||
|
||||
def setUp(self):
|
||||
self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test')
|
||||
self.user.user_permissions.add(*Permission.objects.all())
|
||||
self.token = AuthToken.objects.create(user=self.user)
|
||||
self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})
|
||||
|
||||
def test_empty(self):
|
||||
response = client.get('/api/2/boxes/')
|
||||
response = self.client.get('/api/2/boxes/')
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(response.json(), [])
|
||||
|
||||
def test_members(self):
|
||||
Container.objects.create(name='BOX')
|
||||
response = client.get('/api/2/boxes/')
|
||||
response = self.client.get('/api/2/boxes/')
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(len(response.json()), 1)
|
||||
self.assertEqual(response.json()[0]['cid'], 1)
|
||||
|
|
@ -24,12 +32,12 @@ class ContainerTestCase(TestCase):
|
|||
Container.objects.create(name='BOX 1')
|
||||
Container.objects.create(name='BOX 2')
|
||||
Container.objects.create(name='BOX 3')
|
||||
response = client.get('/api/2/boxes/')
|
||||
response = self.client.get('/api/2/boxes/')
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(len(response.json()), 3)
|
||||
|
||||
def test_create_container(self):
|
||||
response = client.post('/api/2/box/', {'name': 'BOX'})
|
||||
response = self.client.post('/api/2/box/', {'name': 'BOX'})
|
||||
self.assertEqual(response.status_code, 201)
|
||||
self.assertEqual(response.json()['cid'], 1)
|
||||
self.assertEqual(response.json()['name'], 'BOX')
|
||||
|
|
@ -39,9 +47,8 @@ class ContainerTestCase(TestCase):
|
|||
self.assertEqual(Container.objects.all()[0].name, 'BOX')
|
||||
|
||||
def test_update_container(self):
|
||||
from rest_framework.test import APIClient
|
||||
box = Container.objects.create(name='BOX 1')
|
||||
response = APIClient().put(f'/api/2/box/{box.cid}/', {'name': 'BOX 2'})
|
||||
response = self.client.put(f'/api/2/box/{box.cid}/', {'name': 'BOX 2'}, content_type='application/json')
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(response.json()['cid'], 1)
|
||||
self.assertEqual(response.json()['name'], 'BOX 2')
|
||||
|
|
@ -54,6 +61,6 @@ class ContainerTestCase(TestCase):
|
|||
box = Container.objects.create(name='BOX 1')
|
||||
Container.objects.create(name='BOX 2')
|
||||
self.assertEqual(len(Container.objects.all()), 2)
|
||||
response = client.delete(f'/api/2/box/{box.cid}/')
|
||||
response = self.client.delete(f'/api/2/box/{box.cid}/')
|
||||
self.assertEqual(response.status_code, 204)
|
||||
self.assertEqual(len(Container.objects.all()), 1)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
from django.test import TestCase, Client
|
||||
from django.contrib.auth.models import Permission
|
||||
from knox.models import AuthToken
|
||||
|
||||
from authentication.models import ExtendedUser
|
||||
|
|
@ -13,6 +14,7 @@ class ItemTestCase(TestCase):
|
|||
self.event = Event.objects.create(slug='EVENT', name='Event')
|
||||
self.box = Container.objects.create(name='BOX')
|
||||
self.user = ExtendedUser.objects.create_user('testuser', 'test', 'test')
|
||||
self.user.user_permissions.add(*Permission.objects.all())
|
||||
self.token = AuthToken.objects.create(user=self.user)
|
||||
self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue